101
101
Jul 3, 2012
07/12
by
Jack Whitsitt
movies
eye 101
favorite 0
comment 0
64
64
Jul 3, 2012
07/12
by
Nish Bhalla
movies
eye 64
favorite 0
comment 0
346
346
movies
eye 346
favorite 0
comment 0
Network scanners are a valuable resource in the security practitioner.s toolkit. They are used to actively probe a network in order to generate a snapshot of the current environment. However, they are not without limitations; they can be loud, resource intensive, and the results can be quickly outdated. During this presentation I will discuss how a passive scanner can be used to identify network traffic. Passive Asset Detection System (PADS) was designed to supplement active scanners by...
Topic: Recon,Security,Conference
821
821
movies
eye 821
favorite 0
comment 0
Recon 2005 Keynote speach (http://recon.cx) by Ryan Russell
Topic: recon,Security,Reverse Engineering,Conference
63
63
Jul 3, 2012
07/12
by
Cedric Blancher
movies
eye 63
favorite 0
comment 0
39
39
Jul 3, 2012
07/12
by
Matt Shelton
movies
eye 39
favorite 0
comment 0
13
13
movies
eye 13
favorite 0
comment 0
387
387
movies
eye 387
favorite 0
comment 0
Users on the internet are doing more and more of their daily work over peer-to-peer applications. Existing protocols such as SMTP and IRC are being replaced by peer-to-peer file transfer, voice chat, and text messaging systems. Unfortunately, the popular protocols are not secure, and the secure protocols are not popular. In this talk, we will talk about the security properties of the existing peer-to-peer systems, as well as describing an open-source system in development, CUTLASS. CUTLASS aims...
Topic: Encrypted,P2P,voip,CUTLASS,Recon,Conference,Security
155
155
Jul 3, 2012
07/12
by
Spoonm
movies
eye 155
favorite 0
comment 0
44
44
Jul 3, 2012
07/12
by
Jonathan Levin
movies
eye 44
favorite 0
comment 0
578
578
movies
eye 578
favorite 0
comment 0
Registration number protections require the user to enter a registration number to register a software application. However, in most cases such a protection can be defeated easily by an in-depth analysis of the disassembled code or by tracing the applications execution using dynamic disassembly (debugging) techniques. Even there still is heavy use of simple XOR encryption methods, several software applications use high optimized cryptographic algorithms to prove the given input for validity....
Topic: Petrinet,Reverse Engineering,Recon,Security,Conference
35
35
Jul 3, 2012
07/12
by
Thorsten Schneider
movies
eye 35
favorite 0
comment 0
28
28
Jul 3, 2012
07/12
by
Kathy Wang
movies
eye 28
favorite 0
comment 0
84
84
Jul 3, 2012
07/12
by
Ryan Russell and Nicolas Brulez
movies
eye 84
favorite 0
comment 0
80
80
Jul 3, 2012
07/12
by
Andrew Griffiths
movies
eye 80
favorite 0
comment 0
28
28
movies
eye 28
favorite 0
comment 0
600
600
Dec 31, 2006
12/06
by
Recon Conference
movies
eye 600
favorite 0
comment 0
In this presentation, we will introduce the new Linux Trace Toolkit Next Generation (LTTng) kernel tracer and its analysis counterpart, Linux Trace Toolkit Viewer (LTTV), a fully extensible text and graphical trace viewer. We will focus on how these tools can be used in the security field, particularly for reverse engineering. It can be very useful to reverse engineer a software "black box". It can be a driver, a library or a multithreaded application : the tracer can log every...
Topics: Recon, Reverse Engineering, Conference, Montreal, Security, LTT, Kernel, Tracing
768
768
movies
eye 768
favorite 0
comment 0
The Winsock SPI, or Service Provider Interface, has been a part of Winsock since the advent of version 2.0. It enables providers to extend the Winsock API transparently, by installing their own hooks and chains to application API calls. However, its formidable capabilities are not put to widespread use... aside from spyware. This lecture begins with a brief overview of the Windows TCP/IP Stack - reviewing the terminology, From NDIS to Winsock 2. We then delve further to explore Winsock,...
Topic: Recon,Security,Conference,Winsock
45
45
Jul 3, 2012
07/12
by
Ryan Russell
movies
eye 45
favorite 0
comment 0
1,058
1.1K
movies
eye 1,058
favorite 0
comment 0
Adam Shostack was once Most Evil Genius for Zero Knowledge systems. He is now coordinating a project to set up anonymous blogs for people in repressive nations, and would like to tell the folks attending Recon about it, and get some of them involved. Bio Adam Shostack is a technologist, startup veteran and regular public speaker. He has published papers on the security, privacy, as well as economics, copyright and trust.
Topic: Recon,Conference,Security,Anonymity,Anonymous,Blogging,Adam Shostack
4,416
4.4K
movies
eye 4,416
favorite 1
comment 0
Like a skilled native, the able seeker has become part of the web. He knows the smell of his forest: the foul smelling mud of the popups, the slime of a rotting commercial javascript. He knows the sounds of the web: the gentle rustling of the jpgs, the cries of the brightly colored mp3s that chase one another among the trees, singing as they go; the dark snuffling of the m4as, the different sounds and the rustling of the databases, the pathetic cry of the common user, a plaintive cooing that...
Topic: recon,Security,Conference,search
925
925
movies
eye 925
favorite 0
comment 0
People who are interested in maintaining situational awareness often deploy honeypots. However, there are whole classes of attacks for which honeypot devices are not very useful, due to their passive nature. Honeyclients are client-based applications that actively seek malicious servers to gather data for further analysis. This talk will focus on honeyclients, how they can be used, and will share interesting data that has been gathered with a honeyclient. As part of this presentation, an...
Topic: Honeypot,Honeyclient,Recon,Conference,Security
442
442
movies
eye 442
favorite 0
comment 0
IDS Analysts today - as well as anyone else trying to parse large volumes of information - have a significant problem dealing with issues of context and correlation. Looking at thousands of lines of text just doesn't do it for them. Keeping all of the relevant details of the traffic in your head at once is just not efficient (or, in many cases, possible). Visualizing IDS events (as a solution to this problem) is often attempted but never really seems to catch on. This talk will explain some of...
Topic: Recon,Security,Conference,IDS,visual analysi
64
64
Jul 3, 2012
07/12
by
Jonathan Westhues
movies
eye 64
favorite 0
comment 0
77
77
Jul 3, 2012
07/12
by
Fravia Wizard
movies
eye 77
favorite 0
comment 0
24
24
Jul 3, 2012
07/12
by
Adam Shostack
movies
eye 24
favorite 0
comment 0
789
789
movies
eye 789
favorite 0
comment 0
For some silly reason, people commonly think that libraries like "libpcap", "libdnet", and libnids" are difficult to use, yet they're not. developing skills with these libraries and combining them with "libevent" allows you to develop many networking tools and widgets such as scanners, sniffers, and other recon toolkits. this talk will introduce these libraries and show how they can be combined using event driven programming paradigms. the development language...
Topic: Recon,Security,Conference,python,libevent,libdnet,libnids,programming,network
597
597
movies
eye 597
favorite 0
comment 0
In today's world, closed-source software dominates the desktop and much of the server room. While a variety of tools and methodologies exist for security research in open-source software, binary analysis remains a mostly unexplored field. Post discovery and 0day vulnerability researchers heavily rely on reverse code engineering (RCE) to accomplish their work. The purpose of this talk is to introduce the art and science of "Process Stalking" to the general public. "Process...
Topic: Recon,Security,Reverse Engineering,Conference,Process Stalker
805
805
movies
eye 805
favorite 1
comment 0
`Proximity cards' are commonly used as high-tech replacements for magstripe cards or metal keys: you hold the card within a few inches of the reader, and the door clicks open. They are interesting because they are routinely used to control access to property or services. These cards contain electronic circuitry that authenticates them to the reader using a radio link. Many such systems are designed with no security at all. This means that the only barrier to entry is the complexity of the...
Topic: Recon,Security,Conference,search
1.2M
1.2M
Aug 29, 2005
08/05
by
David 'marshmallow' Gibbons
movies
eye 1.2M
favorite 7
comment 0
Individual levels speed runs of Counter Strike: Condition Zero by David 'marshmallow' Gibbons. Level name Time Date Counter Terrorist Training 9:13 16.04.05 Recoil 5:07 14.05.05 Lost Cause 4:44 17.05.05 Secret War 5:36 14.05.05 Building Recon 9:33 19.05.05 Druglab 4:27 15.05.05 Motorcade Assault 3:52 14.05.05 Thin Ice 3:04 14.05.05 Downed Pilot 8:45 16.04.05 Hankagai 4:59 16.05.05 Turn of the Crank 3:05 17.05.05 Alamo 4:24 15.05.05 Rise Hard 11:54 22.05.05 Miami Heat 5:58 17.05.05 Truth in...
Topic: Counter Strike
2,828
2.8K
movies
eye 2,828
favorite 1
comment 1
Recon is a security and reverse engineering conference located in montreal. All videos are encoded in xvid format.
favoritefavoritefavoritefavoritefavorite ( 1 reviews )
Topics: Reverse engineering, Recon, Conference, Security
1,228
1.2K
movies
eye 1,228
favorite 0
comment 0
One of the most common examples of reverse engineering is malicious code analysis. In order to clean up after, and prevent further infection by a piece of malicious code, it must be analyzed. Such analysis is often used for generating IDS signatures, detemining exploits used (and hence which patches would be required) and writing detection modules for antivirus software. Usually, this must be done in as little time as possible. This presentation will cover two examples of popular Windows...
Topic: Recon,Security,Reverse Engineering,Conference
708
708
movies
eye 708
favorite 0
comment 0
The presentation will cover various issues regarding: protecting binaries against analysis license code implementation schemes modifications that can be made against a binary watermarking a binary This presentation will mainly focus on the Linux operating system, however, the ideas presented are applicable for other operating systems as well. The presentation is aimed to give a general high level overview with some examples to demonstrate the case in point. An indepth paper on these subjects is...
Topic: Recon,Security,Reverse Engineering,Conference
43
43
movies
eye 43
favorite 1
comment 0
Publicado el 3 mar. 2015 United States Marine Force Recon. The Force Reconnaissance companies (FORECON), also known as Force Recon, (0358) are one of the United States Marine Corps's special operations capable forces (SOC) that provide essential elements of military intelligence to the command element of the Marine Air-Ground Task Force (MAGTF); supporting their task force commanders, and their subordinate operating units of the Fleet Marine Force (FMF). Historically, the Force Recon companies,...
Topic: A
1,907
1.9K
Oct 29, 2006
10/06
by
Recon 2006
movies
eye 1,907
favorite 0
comment 0
One of the applications of reverse engineering in computer security is the analysis of operating systems and software for which no source code is available. Most commonly the target is Microsoft Windows, and the goal is to find new 0-day vulnerabilities or to understand the full impact of old bugs. Reverse engineering Microsoft software presents numerous challenges. Based on his experience with reversing all Microsoft patches from the last 6 months, the speaker will present a number of...
Topics: Recon, Reverse Engineering, Conference, Montreal, Security
1,101
1.1K
movies
eye 1,101
favorite 0
comment 0
This presentation aims at showing WiFi trafic injection applications in order to practically demonstrate weaknesses of commonly deployed WiFi environments, aka WEP or open networks such as hotspots, for network itself and also for stations connected to it. A practical point of vue is adopted instead of giving another "WiFi is insecure" theorical brief. The first part will briefly present 802.11 basics so everyone can understand the whole stuff (management vs. data, how injection...
Topic: Recon,Security,Conference,wifi,wireless
982
982
movies
eye 982
favorite 0
comment 0
The objective of the talk is to understand the common problems when developing code written in C/C++. It can be used as starting point to identify security problems when writing applications. The overall focus will be on the prevention of security vulnerabilities and the implementation of technical countermeasures. Reviewing code to find vulnerabilities is becoming more and more common. Reviewing code is not only useful from a developers point of view but also from an attacker's point of view....
Topic: Recon,Security,Auditing,Source Code,Conference
5,537
5.5K
Jun 28, 2012
06/12
by
ShmooCon
movies
eye 5,537
favorite 2
comment 0
ShmooCon 2009 2009 Presentations Keynote: Matt Blaze Since 2004, Matt Blaze has been a computer science professor at the University of Pennsylvania; prior to that, he spent a dozen years on the research staff of AT&T (Bell) Labs. Matt's work focuses on cryptography and its applications, trust management, physical and human scale security, designing secure systems, and networking and distributed computing. He's particularly interested in security related to public policy, such as...
Topics: shmoocon, hacker, conference
Google Hacking returns for more guaranteed fun this year at Blackhat USA! If you haven't caught one of Johnny's Google talks, you definitely should. Come and witness all the new and amazing things that can be done with Google. All new for BH USA 2005, Johnny reveals basic and advanced search techniques, basic and advanced hacking techniques, multi-engine attack query morphing, and zero-packet target foot printing and recon techniques. Check out Google's search-blocking tactics (and see them...
1,710
1.7K
movies
eye 1,710
favorite 0
comment 0
Reverse engineering panel at Recon 2005(http://recon.cx)
Topic: Recon,Security,Reverse Engineering,Conference
259
259
Jul 3, 2012
07/12
by
Jose Nazario
movies
eye 259
favorite 0
comment 0
87
87
Jul 4, 2012
07/12
by
Todd MacDermid
movies
eye 87
favorite 0
comment 0
encrypted p2p and voip spaces with cutlass Users on the internet are doing more and more of their daily work over peer-to-peer applications. Existing protocols such as SMTP and IRC are being replaced by peer-to-peer file transfer, voice chat, and text messaging systems. Unfortunately, the popular protocols are not secure, and the secure protocols are not popular. In this talk, we will talk about the security properties of the existing peer-to-peer systems, as well as describing an open-source...
